VPC peering is a network connection that lets you connect multiple VPCs (region to region, account to account). VPC peering allows you to deploy cloud resources in a virtual network that you have defined, and data can be transferred between those resources more securely.
- Cloud VPC
- Peering Connection
- Subnets
- Route Table
- Internet-Gateway
- NAT Gateway
- Elastic-IP
- Key-Pair
- Security Groups
- EC2 Instances
This is a fully automated Terraform configuration that creates an inter-region VPC peering. Here we have an APP server and an SSH server on the first VPC, and a database server on a second VPC located in a different AWS region.
The database server resides in a private network, and SSH access to it is possible only from the SSH server deployed in VPC 1. The Terraform code performs the subnet calculations itself and uses the latest available Amazon Linux AMI on all three instances.
An option for applying user data to the APP and DB servers is included; edit app.sh and db.sh as you wish.
- Terraform must be installed.
- An AWS user with the correct IAM permissions.
- Basic knowledge of installing services on a Linux machine.
- git clone https://github.com/ManuGeorge96/inter_region_vpc_peering_terraform.git
- cd inter_region_vpc_peering_terraform
- Update terraform.tfvars with your values.
- You may also edit the user data files, app.sh and db.sh.
- terraform init
- terraform apply
- Once completed, the required IPs for the instances are printed on the terminal and you can SSH into the instances using the key pair.
main.tf
Section - 1
- Resource block used for creating the VPCs in the two regions.
- aws_vpc
Section - 2
- Contains two resource blocks, aws_vpc_peering_connection and aws_vpc_peering_connection_accepter.
- "Peering Connection" is used on the requester side and "Peering Connection Accepter" on the accepter side.
Section - 3
- This section performs the subnet calculations and assigns the calculated subnets to each Availability Zone.
- aws_subnet
Section - 4
- Section for creating an Elastic IP on the accepter side.
- aws_eip
Section - 5
- This section deals with the NAT Gateway creation and the allocation of the Elastic IP to the gateway on the accepter side.
- aws_nat_gateway
Section - 6
- For creating the Internet Gateway on both sides (requester and accepter).
- aws_internet_gateway
Section - 7
- This section deals with the key part of the project: route tables on both sides.
- aws_route_table
Section - 8
- Here, the created route tables get associated with the correct subnets.
- aws_subnet_association
Section - 9
- Section deals with EC2 instance creation: APP and SSH on the requester side and DB on the accepter side.
- aws_ec2_instance
Section - 10
- Section deals with Security Group creation for the EC2 instances.
- aws_security_group
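As an added example (not the project's own main.tf), here is how Sections 2, 7 and 10 fit together: a requester/accepter pair across two provider aliases, a route in each direction over the peering, and a DB security group that admits SSH only from the SSH server in VPC 1. The region names and the referenced aws_vpc, aws_route_table and aws_instance resource names are assumptions.

```hcl
# One provider alias per region (region values are assumptions).
provider "aws" {
  alias  = "requester"
  region = "us-east-1"
}
provider "aws" {
  alias  = "accepter"
  region = "us-west-2"
}

# Section 2: request from VPC 1, accept from VPC 2. A cross-region peering
# cannot be auto-accepted by the requester, so the accepter resource does it.
resource "aws_vpc_peering_connection" "vpc1_to_vpc2" {
  provider    = aws.requester
  vpc_id      = aws_vpc.requester.id
  peer_vpc_id = aws_vpc.accepter.id
  peer_region = "us-west-2"
  auto_accept = false
}
resource "aws_vpc_peering_connection_accepter" "vpc2" {
  provider                  = aws.accepter
  vpc_peering_connection_id = aws_vpc_peering_connection.vpc1_to_vpc2.id
  auto_accept               = true
}

# Section 7: a route in each direction; a missing return route silently
# breaks the connection even though the peering shows as active.
resource "aws_route" "vpc1_to_vpc2" {
  provider                  = aws.requester
  route_table_id            = aws_route_table.requester_public.id
  destination_cidr_block    = aws_vpc.accepter.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.vpc1_to_vpc2.id
}
resource "aws_route" "vpc2_to_vpc1" {
  provider                  = aws.accepter
  route_table_id            = aws_route_table.accepter_private.id
  destination_cidr_block    = aws_vpc.requester.cidr_block
  vpc_peering_connection_id = aws_vpc_peering_connection.vpc1_to_vpc2.id
}

# Section 10: SSH to the DB host only from the SSH server. Security-group
# references do not work across regions, so pin the SSH server's private IP.
resource "aws_security_group" "db" {
  provider = aws.accepter
  vpc_id   = aws_vpc.accepter.id
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${aws_instance.ssh.private_ip}/32"]
  }
}
```

Omitting the egress block in aws_security_group makes the provider remove AWS's default allow-all egress rule, so add an explicit egress block if the DB host must reach the internet through the NAT Gateway.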